PublicDateAtUSN: 2015-05-29
Candidate: CVE-2013-7441
PublicDate: 2015-05-29 15:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7441
 http://www.openwall.com/lists/oss-security/2015/05/19/6
 https://ubuntu.com/security/notices/USN-2676-1
Description:
 The modern style negotiation in Network Block Device (nbd-server) 2.9.22
 through 3.3 allows remote attackers to cause a denial of service (root
 process termination) by (1) closing the connection during negotiation or
 (2) specifying a name for a non-existent export.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781547
Priority: medium
Discovered-by: Tuomas Räsänen
Assigned-to: mdeslaur
CVSS: 

Patches_nbd:
 upstream: https://github.com/yoe/nbd/commit/741495cb08503fd32a9d22648e63b64390c601f4
upstream_nbd: released (1:3.4-1)
precise_nbd: released (1:2.9.25-2ubuntu1.1)
trusty_nbd: not-affected (1:3.7-1)
trusty/esm_nbd: not-affected (1:3.7-1)
utopic_nbd: not-affected
vivid_nbd: not-affected
devel_nbd: not-affected